Vulnerabilities > Wire Plastic Design > Wpquiz > 2.7

DATE CVE VULNERABILITY TITLE RISK
2010-09-24 CVE-2010-3608 SQL Injection vulnerability in Wire Plastic Design Wpquiz 2.7
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.
network
low complexity
wire-plastic-design CWE-89
7.5
7.5
2007-11-30 CVE-2007-6172 SQL Injection vulnerability in Wire Plastic Design Wpquiz 2.7
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
network
low complexity
wire-plastic-design CWE-89
critical
 10.0
10